Consolidating and centralising your security management is essential with modern distributed networks. With an ever increasing number of security controls deployed on prem, off prem and in the cloud, a holistic view is crucial in order to see and act upon security date in a timely way to maintain the highest level of protection and compliance.
“The panacea of the ‘single pane of glass’ is the future but the reality, for the moment, is more than likely double or triple glazed.”
Gartner defines Zero trust network access (ZTNA) as…
“a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a set of named entities. The broker verifies the identity, context and policy adherence of the specified participants before allowing access and prohibits lateral movement elsewhere in the network. This removes application assets from public visibility and significantly reduces the surface area for attack.”
Endpoint Agent for Visibility and Control, Endpoint Protection, and Secure Remote Access using VPN and Zero Trust Technologies
FortiClient ZTNA works with FortiOS to enable secure granular access to applications no matter if the user is local or remote. Each session is initiated with an automatic, encrypted tunnel from FortiClient to the FortiOS proxy point for user and device verification. If verified, access is granted for that session. You can also use multifactor authentication to provide an additional layer of security. With ZTNA, organizations benefit from both a better remote access solution and a consistent policy for controlled access to applications irrespective of endpoint location.
The access proxy sits between the endpoints and applications, and continuously validates the posture and identity of each connection, and providing secure micro-segmented access for each session. The access proxy is a feature of FortiGate and natively integrated with SDWAN, SASE, NGFW and all other FortiGate components.
User Identity Management and Single Sign-On
FortiAuthenticator is the gatekeeper of authorization into the Fortinet secured enterprise network identifying users, querying access permissions from third party systems, and communicating this information to FortiGate devices for use in Identity-Based Policies. This additional layer of security greatly reduces the possibility of data leaks while helping companies meet audit requirements associated with government and business privacy regulations.
Enable two-factor authentication with FortiToken Mobile (FTM) One-Time Password (OTP) Application with Push Notifications or a Hardware Time-Based OTP Token
Fortinet FortiToken Mobile (FTM) and hardware OTP Tokens are fully integrated with FortiClient, protected by FortiGuard, and leverage direct management and use within the FortiGate and FortiAuthenticator security platforms. Fortinet two-factor authentication solutions are easy to manage and easy to use.